Tor: Pluggable Transports

Sometimes the Tor network is censored, and you can't connect to
it.

An increasing number of censoring countries are using Deep Packet
Inspection (DPI) to classify Internet traffic flows by protocol.
While Tor uses bridge relays to
get around a censor that blocks by IP address, the censor can use
DPI to recognize and filter Tor traffic flows even when they connect
to unexpected IP addresses.

Pluggable Transports help you bypass censorship against Tor.

Pluggable Transports (PT) transform the Tor traffic flow between the client
and the bridge. This way, censors who monitor traffic between the client
and the bridge will see innocent-looking transformed traffic instead of the
actual Tor traffic.
External programs can talk to Tor clients and Tor bridges using the pluggable
transport API, to make it easier to build interoperable programs.

Learn more:

How to use PTs to bypass censorship

If connections to the Tor network are being blocked by your ISP or country, follow these instructions:

Become a PT bridge operator:

How to run PTs to help censored users

Anyone can set up a PT bridge server and help provide bandwidth to users
who needs it. Once you set up a transport type, your bridge will
automatically advertise support for the transport in its descriptor.

obfs4 is currently the most effective transport to bypass
censorship. We are asking volunteers to run bridges for it. To learn
how to run this transport, please visit the obfs4proxy
wiki page.

List of PTs organized by status:

Currently deployed PTs

Description: Is a transport with the same features as ScrambleSuit but utilizing Dan Bernstein's elligator2 technique for public key obfuscation, and the ntor protocol for one-way authentication. This results in a faster protocol.

Description: Is a transport that uses HTTP for carrying bytes and TLS for obfuscation. Traffic is relayed through a third-party server (Google App Engine). It uses a trick to talk to the third party so that it looks like it is talking to an unblocked server.

Undeployed PTs

StegoTorus

Description:is an Obfsproxy fork that extends it to a) split Tor streams across multiple connections to avoid packet size signatures, and b) embed the traffic flows in traces that look like HTML, JavasCript, or PDF. See its git repository.

Many are at the research phase now, so it's a perfect time to play with them or suggest new designs. Please let us know if you find or start other projects that could be useful for making Tor's traffic flows more DPI-resistant!